Eric, Just to add more details to this problem. Just as an experiment, I tried getting rid of all the additional http parameters in my 'next' url below (the ones I explained get added at runtime), and I still got the same result (no redirection from Google). Can you tell what is going on? (e.g. is this actually a bug that will prevent me from using secure tokens? ). Thanks for looking into this, -Patricia
> -----Original Message----- > From: [email protected] > [mailto:[EMAIL PROTECTED] On Behalf Of > Patricia Goldweic > Sent: Monday, November 24, 2008 5:07 PM > To: [email protected] > Subject: RE: AuthSub not working well with secure tokens? > > > Eric, > Here's my complete statement: > > String requestUrl = > AuthSubUtil.getRequestUrl("testfacultyu.northwestern.edu", > "http://gint.at.northwestern.edu/samltool/GintShareHelperServlet";, > "http://docs.google.com/feeds";, true, true); > > > Actually, at run time, my program appends a few http > parameters to the 'gint' url before calling the > AuthSubUtil.getRequestUrl() method (at least 3 parameters in > fact, which tell it which page to display next, and what is > the original http request about). So the url above can become > url?collabID=<some id>&... Etc. > > Please note that the same thing was true when I was using > unsecure tokens instead (the first boolean flag above was > false), and I had no trouble whatsoever. > > Any suggestions? > -Patricia > > > > > -----Original Message----- > > From: [email protected] > > [mailto:[EMAIL PROTECTED] On Behalf Of Eric > > (Google) > > Sent: Monday, November 24, 2008 3:23 PM > > To: Google Docs Data APIs > > Subject: Re: AuthSub not working well with secure tokens? > > > > > > Hmmm, what's the full URL from the AuthSubRequest page? > > > > Eric > > > > On Nov 24, 11:31 am, "Patricia Goldweic" > <[EMAIL PROTECTED]> > > wrote: > > > Hi Eric, > > > Thanks for replying. I actually did the call to > > getRequestUrl in the > > > way you suggested, with both parameters set to true. I just never > > > heard back from Google :-( about this request, which is the > > reason for > > > this post (in other words, AuthSubUtil does not seem to > be properly > > > processing my request, and does not redirect back to my > > application as expected. > > > > > > -Patricia > > > > > > > -----Original Message----- > > > > From: [email protected] > > > > [mailto:[EMAIL PROTECTED] On > Behalf Of Eric > > > > (Google) > > > > Sent: Monday, November 24, 2008 1:21 PM > > > > To: Google Docs Data APIs > > > > Subject: Re: AuthSub not working well with secure tokens? > > > > > > > Hi Patricia, > > > > > > > The Base API group you mentioned is for the Base Data API: > > > >http://code.google.com/apis/base/ > > > > > > > The best place to post for Auth issues is in that group: > > > >http://groups.google.com/group/Google-Accounts-API/topics > > > > > > > That being said, I also monitor the Accounts forum :) If you're > > > > using secure AuthSub, you need to request a token with > > > > secure=1: > > > > > > > boolean secure = true > > > > boolean sesssion = true > > > > String requestUrl = > > > > > > AuthSubUtil.getRequestUrl("http://www.example.com/RetrieveToken";, > > > > "http://docs.google.com/feeds/";, > > > > secure , > > > > sesssion ); > > > > > > > and on subsequent requests (even the token upgrade), use > > your RSA > > > >private key for signing: > > > > > > >http://code.google.com/apis/gdata/authsub.html#request-session-token > > > > > > > java.security.PrivateKey privateKey = > > > > AuthSubUtil.getPrivateKeyFromKeystore("AuthSubExample.jks", > > > > "changeme", > > > > "AuthSubExample", > > > > "changeme"); String sessionToken = > > > > AuthSubUtil.exchangeForSessionToken > > > > (onetimeUseToken, > > > > > > > > privateKey); > > > > > > > Information on how to create a key using Java keytool: > > > >http://code.google.com/apis/gdata/authsub.html#Registered > > > > > > > And upload the public certificate to ManageDomain as > > described here: > > > >http://code.google.com/apis/accounts/docs/RegistrationForWebAp > > > > psAuto.html > > > > > > > Cheers, > > > > Eric > > > > > > > On Nov 24, 10:44 am, "Patricia Goldweic" > > > > <[EMAIL PROTECTED]> > > > > wrote: > > > > > I have just posted this email to the google Base Data apis > > > > group, but > > > > > I wonder if anybody in this group may have a suggestion. > > > > > Thanks in advance, > > > > > -Patricia > > > > > > > > > -----Original Message----- > > > > > > From: [EMAIL PROTECTED] > > > > > > [mailto:[EMAIL PROTECTED] On Behalf Of > > > > > > patriciaG > > > > > > Sent: Monday, November 24, 2008 12:33 PM > > > > > > To: Google Base Data API > > > > > > Subject: [Google-Base-API] AuthSub not working well > > with secure > > > > > > tokens? > > > > > > > > > I've recently started experimenting with AuthSub to > > > > programmatically > > > > > > update the sharing permissions over individual Google > > docs. This > > > > > > seemed to be working fine when I was using unsecure > > > > tokens that were > > > > > > eventually exchanged for a session token (I'm using the > > > > Java client > > > > > > library for this). > > > > > > However, when I tried switching to requesting a > secure token > > > > > > from Google, I stopped getting the redirects from > Google with > > > > > > the one time token. > > > > > > In other words, when I make the call: > > > > > > > > > String requestUrl = > > > > > > > > > > > AuthSubUtil.getRequestUrl("http://www.mydomain.com/RetrieveToken";, > > > > > > > > > > "http://www.google.com/calendar/feeds/";, > > > > > > false, > > > > > > true); > > > > > > > > > The url in my application: > > "http://www.mydomain.com/RetrieveToken"; > > > > > > DOES NOT GAIN CONTROL of the http request process, > > and so I can > > > > > > neither retrieve the one time token, nor do > anything else at > > > > > > that point (no Java exceptions or error messages are > > generated > > > > > > by Google). > > > > > > > > > Can somebody suggest what the problem is here, and how > > > > can I resolve > > > > > > it? > > > > > > Thanks in advance, > > > > > > -Patricia > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Docs Data APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Docs-Data-APIs?hl=en -~----------~----~----~----~------~----~------~--~---
